package com.cntaiping.fsc.security.filter;

import com.cntaiping.fsc.core.model.BaseResponse;
import com.cntaiping.fsc.core.util.ResponseUtil;
import com.cntaiping.fsc.core.util.SessionUtil;
import com.cntaiping.fsc.security.config.TpSecurityProperties;
import com.cntaiping.fsc.security.util.SignatureUtil;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.TreeMap;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/cntaiping/fsc/security/filter/TpTokenAuthFilter.class */
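/**
 * Authenticates a request by its {@code x-app-token} header.
 *
 * <p>A request is accepted when one of the following holds:
 * <ol>
 *   <li>the {@code TP_AUTH_FLAG_ATTR} request attribute is already {@code true};</li>
 *   <li>the request matches the inherited ignored-URL list;</li>
 *   <li>the presented token equals the token stored in the existing HTTP session;</li>
 *   <li>{@link SignatureUtil#validateAppToken} accepts the token together with the
 *       {@code x-app-id}, {@code x-app-random} and client-IP parameters.</li>
 * </ol>
 *
 * <p>The outcome is written back to {@code TP_AUTH_FLAG_ATTR}. A rejected request receives an
 * error response with code {@code 0009}, unless {@code enableBasicAuth} is set, in which case it
 * is passed down the chain with the flag set to {@code false}.
 */
public class TpTokenAuthFilter extends AbstractAuthFilter {
    /** Value handed to the superclass constructor; presumably the filter's chain position. */
    private static final int ORDER = -122;

    /** Request attribute carrying the authentication outcome between filters. */
    private static final String AUTH_FLAG_ATTR = "TP_AUTH_FLAG_ATTR";

    /** Header carrying the token; the same string is the session attribute key. */
    private static final String APP_TOKEN = "x-app-token";

    private static final String APP_ID = "x-app-id";
    private static final String APP_RANDOM = "x-app-random";
    private static final String APP_CLIENT_IP = "x-app-client-ip";

    protected TpSecurityProperties tpSecurityProperties;
    private boolean enableBasicAuth;

    /**
     * Creates the filter with basic-auth fall-through disabled.
     *
     * @param tpSecurityProperties security configuration kept for subclasses; this class
     *     does not read it
     */
    public TpTokenAuthFilter(TpSecurityProperties tpSecurityProperties) {
        super(ORDER);
        this.enableBasicAuth = false;
        this.tpSecurityProperties = tpSecurityProperties;
    }

    /**
     * Decides whether the request is authenticated and either continues the chain or
     * answers with an error response.
     *
     * @param httpServletRequest incoming request
     * @param httpServletResponse response used for the rejection message
     * @param filterChain remaining filters
     * @throws ServletException propagated from the downstream chain
     * @throws IOException propagated from the downstream chain
     */
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        StringBuilder failure = new StringBuilder("App Token validate Fail! ");
        Boolean alreadyAuthenticated = (Boolean) httpServletRequest.getAttribute(AUTH_FLAG_ATTR);

        // An earlier positive decision and the ignored-URL list both bypass the token check.
        // The ignored-URL list is only consulted when no earlier decision accepted the request.
        boolean authenticated = Boolean.TRUE.equals(alreadyAuthenticated)
                || excludedUrls(httpServletRequest, this.ignoredUrls)
                || authenticate(httpServletRequest, failure);

        httpServletRequest.setAttribute(AUTH_FLAG_ATTR, Boolean.valueOf(authenticated));

        // NOTE(review): with enableBasicAuth set, a request that failed token validation still
        // continues down the chain with the flag set to false. This is only safe if a later
        // filter rejects requests whose flag is false -- confirm against the filter chain.
        if (authenticated || this.enableBasicAuth) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            ResponseUtil.sendErrorResponse(httpServletRequest, httpServletResponse, new BaseResponse("0009", failure.toString()));
        }
    }

    /**
     * Enables or disables passing unauthenticated requests on to later filters.
     *
     * @param z {@code true} to let a request that failed token validation continue down the chain
     */
    public void setEnableBasicAuth(boolean z) {
        this.enableBasicAuth = z;
    }

    /** Runs the session check, then the signature check; appends the rejection reason to {@code failure}. */
    private boolean authenticate(HttpServletRequest request, StringBuilder failure) {
        String token = request.getHeader(APP_TOKEN);
        if (!StringUtils.hasText(token)) {
            failure.append("Miss header: ").append(APP_TOKEN);
            return false;
        }
        return matchesSessionToken(request, token) || validateSignedToken(request, token, failure);
    }

    /** Returns whether the presented token equals the token stored in the existing session. */
    private static boolean matchesSessionToken(HttpServletRequest request, String token) {
        // getSession(false): never create a session on behalf of an unauthenticated caller.
        HttpSession session = request.getSession(false);
        if (session == null) {
            return false;
        }
        Object stored = session.getAttribute(APP_TOKEN);
        // A non-String attribute is treated as "no stored token" instead of failing the cast.
        if (!(stored instanceof String) || !StringUtils.hasText((String) stored)) {
            return false;
        }
        // Constant-time comparison: String.equals stops at the first differing character, so
        // its timing depends on how much of the stored token the presented value matches.
        return MessageDigest.isEqual(
                ((String) stored).getBytes(StandardCharsets.UTF_8),
                token.getBytes(StandardCharsets.UTF_8));
    }

    /** Validates the token through SignatureUtil; appends the rejection reason to {@code failure}. */
    // Raw TreeMap kept on purpose: the parameter type of SignatureUtil.validateAppToken is not
    // visible from this file, and a parameterized map might not match it.
    @SuppressWarnings({"rawtypes", "unchecked"})
    private static boolean validateSignedToken(HttpServletRequest request, String token, StringBuilder failure) {
        String appId = request.getHeader(APP_ID);
        String random = request.getHeader(APP_RANDOM);

        // NOTE(review): the client IP that enters the validated parameter set is taken from a
        // request header when one is sent, and only otherwise from the connection. Whether a
        // caller-chosen value is acceptable depends on what the token binds -- confirm in
        // SignatureUtil and in the proxy setup.
        String clientIp = request.getHeader(APP_CLIENT_IP);
        if (ObjectUtils.isEmpty(clientIp)) {
            clientIp = SessionUtil.getRemoteHost(request);
        }

        if (!StringUtils.hasText(appId) || !StringUtils.hasText(random)) {
            failure.append("Miss header: ").append(StringUtils.hasText(appId) ? APP_RANDOM : APP_ID);
            return false;
        }

        // NOTE(review): no freshness or replay check on x-app-random is visible in this filter;
        // presumably SignatureUtil handles it -- confirm.
        TreeMap signedParams = new TreeMap();
        signedParams.put(APP_CLIENT_IP, clientIp);
        signedParams.put(APP_ID, appId);
        signedParams.put(APP_RANDOM, random);

        boolean valid = SignatureUtil.validateAppToken(token, signedParams);
        if (!valid) {
            // NOTE(review): the rejected header value is echoed verbatim into the error
            // response. It is caller-controlled text; make sure ResponseUtil encodes it for the
            // response content type, and consider dropping it so submitted credentials do not
            // end up in response logs.
            failure.append("Invalid App Token: ").append(token);
        }
        return valid;
    }
}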
